all InfoSec news
Igor’s Tip of the Week #149: Using symbolic constants in the decompiler
July 21, 2023, 5:56 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
We’ve covered the usage of symbolic constants (enums) in the disassembly. but they are also useful in the pseudocode view.
Reusing constants from disassembly
If a number has been converted to a symbolic constant in the disassembly and it is present in unchanged form in pseudocode, the decompiler will use it in the output. For example, consider this call:
.text:00405D72 push 1 ; nShowCmd
.text:00405D74 cmovnb eax, [esp+114h+lpParameters]
.text:00405D79 push 0 ; lpDirectory
.text:00405D7B push eax ; lpParameters
.text:00405D7C …
More from malware.news / Malware Analysis, News and Indicators - Latest topics
What the Biggest-Ever Botnet Takedown Means
1 day, 5 hours ago |
malware.news
Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins
1 day, 8 hours ago |
malware.news
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC